util/nvmutil: err if arc4random disused on bsd

arc4random is superior, so using /dev/urandom would be a mistake. we only use that on linux, or old/weird unix. we would also use it on linux, but GNU prohibits nice things (its implementations are spotty, and old glibc doesn't have it - before 2022 there is libbsd, but i'm not importing that). not that it matters. we're not doing encryption. i'm just a stickler for technical correctness. Signed-off-by: Leah Rowe <leah@libreboot.org>
author: Leah Rowe <leah@libreboot.org> 2026-03-08 13:15:54 +0000
committer: Leah Rowe <leah@libreboot.org> 2026-03-08 13:32:14 +0000
commit: 92bd44676ab92407e837d87db790fac674f2214a (patch)
tree: 16fdcd5be5e074f5421fe1625dda25257ea53552 /util
parent: e5d0dee6684c1a37b3c07f1f2690e384e1dfcc55 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c
index 93cbc459..34bca222 100644
--- a/util/nvmutil/nvmutil.c
+++ b/util/nvmutil/nvmutil.c
@@ -268,9 +268,15 @@ main(int argc, char *argv[])
 	if (cmd_index == CMD_SETMAC)
 		printf("Randomisation method: arc4random_buf\n");
 #else
+#if defined(__OpenBSD__) || defined(__FreeBSD__) || \
+    defined(__NetBSD__) || defined(__APPLE__) || \
+    defined(__DragonFly__)
+	err(ECANCELED, "Maintainer error: arc4random disabled on BSD/MacOS");
+#endif
 	if (cmd_index == CMD_SETMAC)
 		open_dev_urandom();
 #endif
+
 	open_gbe_file();
 
 #ifdef __OpenBSD__
author	Leah Rowe <leah@libreboot.org>	2026-03-08 13:15:54 +0000
committer	Leah Rowe <leah@libreboot.org>	2026-03-08 13:32:14 +0000
commit	92bd44676ab92407e837d87db790fac674f2214a (patch)
tree	16fdcd5be5e074f5421fe1625dda25257ea53552 /util
parent	e5d0dee6684c1a37b3c07f1f2690e384e1dfcc55 (diff)